package com.buxiaoxia.system.config;

import com.buxiaoxia.business.enums.TokenEnums;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 退出登录删除redis存储的token信息  防止refresh_token
 * Created by 罗昆 on 2018/9/21.
 */
@Configuration
public class MyLogoutSuccessHandler implements LogoutSuccessHandler {


    @Autowired(required = false)
    private com.buxiaoxia.system.config.MyRedisTokenStore myRedisTokenStore;


    @Override
    public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        String token =httpServletRequest.getHeader("Authorization");
        String AccessToken=token.split(" ")[1];
        OAuth2AccessToken oAuth2AccessToken= myRedisTokenStore.readAccessToken(AccessToken);
        OAuth2Authentication oAuth2Authentication=myRedisTokenStore.readAuthentication(oAuth2AccessToken);
        myRedisTokenStore.removeAllToken(oAuth2AccessToken,oAuth2Authentication);
    }


}
